package com.ymttest.business.data;

import org.json.JSONException;
import org.json.JSONObject;

import com.ymt.base.YmatouBaseCall;
import com.ymt.core.tool.Logger;
import com.ymttest.database.mongo.YmatouBlacklistUserWapper;
import com.ymttest.database.sqlwapper.UserSafeWapper;

public final class LoginSafeConfiguration {
	private static UserSafeWapper authWapper = new UserSafeWapper();
	private static YmatouBlacklistUserWapper blackLisWapper;
	public static final boolean AUTH_DEVICE_OPEN = isAppAuthOpen();
	public static final boolean AUTH_PC_OPEN = isPCAuthOpen();
	public static final int IP_LOGIN_FAIL_LIMIT = getIpLoginFaileLimit();
	public static final int IP_LOGIN_SUCCESS_LIMIT = getIpLoginSuccessLimit();
	public static final int DEVICE_LOGIN_FAIL_LIMIT = getDeviceLoginFailLimit();
	public static final int DEVICE_LOGIN_SUCCESS_LIMIT = getDeviceLoginSuccessLimit();
	public static final int APP_LOGINPAS_CHECKSPEC = getAppLoginPasCheckSpec();
	public static final int PC_LOGINPAS_CHECKSPEC = getPcLoginPasCheckSpec();
	public static final boolean isAppAppDeviceOpen=isAppAppDeviceOpen();
	/**
	 * 获取配置APP安全验证是否打开
	 * @return
	 */
	private static boolean isAppAuthOpen(){
		int open = Integer.valueOf(authWapper.getLoginSafeConfiguration("LoginSafe", "App", "Open").get("Value").toString());
		return open==1? true:false;
	}
	/**
	 * 获取配置APP设备号安全验证是否打开
	 * @return
	 */
	private static boolean isAppAppDeviceOpen(){
		int open = Integer.valueOf(authWapper.getLoginSafeConfiguration("LoginSafe", "AppDevice", "StatusCheck").get("Value").toString());
		return open==1? true:false;
	}
	/**
	 * 获取配置PC端安全验证是否打开
	 * @return
	 */
	private static boolean isPCAuthOpen(){
		int open = Integer.valueOf(authWapper.getLoginSafeConfiguration("LoginSafe", "Pc", "Open").get("Value").toString());
		return open==1? true:false;
	}
	
	/**
	 * 登陆失败上限，大于该值，则加入IP黑名单（有时间限制，由于自动化代码运行较快，会在指定时间内运行完，所以没有从配置中查出时间的配置）
	 * @return
	 */
	private static int getIpLoginFaileLimit(){
		int loginFailLimit = Integer.valueOf(authWapper.getLoginSafeConfiguration("BlackList", "Ip", "LoginFailLimit").get("Value").toString());
		return loginFailLimit;
	}
	
	/**
	 * 登陆成功上限，大于该值，则加入IP黑名单（有时间限制，由于自动化代码运行较快，会在指定时间内运行完，所以没有从配置中查出时间的配置）
	 * @return
	 */
	private static int getIpLoginSuccessLimit(){
		int loginSuccessLimit = Integer.valueOf(authWapper.getLoginSafeConfiguration("BlackList", "Ip", "LoginSuccessLimit").get("Value").toString());
		return loginSuccessLimit;
	}
	
	/**
	 * 登录失败大于此值则加入黑名单
	 * @return
	 */
	private static int getDeviceLoginFailLimit(){
		int loginFailLimit = Integer.valueOf(authWapper.getLoginSafeConfiguration("BlackList", "Device", "DeviceLoginFailLimit").get("Value").toString());
		return loginFailLimit;
	}
	
	/**
	 * 登陆成功上限，大于等于该值，则加入黑名单
	 * @return
	 */
	private static int getDeviceLoginSuccessLimit(){
		int loginSuccessLimit = Integer.valueOf(authWapper.getLoginSafeConfiguration("BlackList", "Device", "DeviceLoginSuccessLimit").get("Value").toString());
		return loginSuccessLimit;
	}
	
	/**
	 * App端，登陆历史密码错误检查规则（ex，-10,6:十分钟内大于6次）
	 * @return
	 */
	private static int getAppLoginPasCheckSpec(){
		String appLoginPasCheckSpec = authWapper.getLoginSafeConfiguration("LoginSafe", "AppLoginPas", "CheckSpec").get("Value").toString();
		return Integer.valueOf(appLoginPasCheckSpec.split(",")[1]);
	}
	
	/**
	 * PC端，登陆历史密码错误检查规则（ex，-10,6:十分钟内大于6次）
	 * @return
	 */
	private static int getPcLoginPasCheckSpec(){
		String pcLoginPasCheckSpec = authWapper.getLoginSafeConfiguration("LoginSafe", "PcLoginPas", "CheckSpec").get("Value").toString();
		return Integer.valueOf(pcLoginPasCheckSpec.split(",")[1]);
	}
	
	/**
	 * 验证登录状态
	 * @param lac
	 */
	public static void checkLoginStatus(YmatouBaseCall lac){
		if(AUTH_DEVICE_OPEN){
			Logger.comment("安全认证是打开状态，需要进行安全认证");
			Logger.verifyEquals("false", lac.getString("Success"), "验证登陆失败");
			Logger.verifyIsContains("请执行身份", lac.getString("LastErrorMessage"), "验证登陆信息");
		}else{
			Logger.comment("安全认证是关闭状态，不需要进行安全认证，可以直接登陆成功");
			Logger.verifyEquals("true", lac.getString("Success"), "验证登陆成功");
		}
	}
	
	/**
	 * 验证IP/设备认证状态
	 * @param deviceauthstatusrequestdtoCall
	 * @throws JSONException 
	 */
	public static void checkAuthStatus(boolean authFail, YmatouBaseCall authstatusrequestdtoCall) throws JSONException{
		if(!authFail){
			Logger.verifyEquals("false", authstatusrequestdtoCall.getString("Success"), "验证登陆失败");
			Logger.verifyIsContains("请执行身份", authstatusrequestdtoCall.getString("LastErrorMessage"), "验证登陆信息");
			Logger.verifyEquals("NeedIdentityVerify", new JSONObject(authstatusrequestdtoCall.getString("Result").toString()).get("Code"), "验证result信息");
		}else{
			Logger.verifyEquals("true", authstatusrequestdtoCall.getString("Success"), "验证登陆成功");
		}
	}
	
	/**
	 * 如果是黑名单，验证登陆状态
	 * @param success 是否登陆成功
	 * @param message 返回的message信息
	 * @throws Exception 
	 */
	public static void checkLoginStatusWithBlackIp(YmatouBaseCall lac, boolean checkBlackList, String ip) throws Exception{
		//mongo 数据同步 会有延迟
		Thread.sleep(1000);
		if(AUTH_DEVICE_OPEN){
			Logger.comment("安全认证是打开状态，需要进行安全认证");
			Logger.verifyEquals("false", lac.getString("Success"), "验证登陆失败");
//			Logger.verifyIsContains("请休息会", lac.getString("LastErrorMessage"), "验证登陆信息");
		}else{
			Logger.comment("安全认证是关闭状态，不需要进行安全认证，可以直接登陆成功");
			Logger.verifyEquals("true", lac.getString("Success"), "验证登陆成功");
		}
		if(AUTH_DEVICE_OPEN && checkBlackList){
			Logger.comment("验证已加入黑名单");
			blackLisWapper = new YmatouBlacklistUserWapper();
			Logger.verifyEquals(true, blackLisWapper.isIPLocked(ip), "验证Ip被加入黑名单");
		}
	}
}
